Web Application Scan
Scanning Preparation Setting
- Settings when the client device is a smartphone
- Settings for scanning a target using Websocket
- Settings for scanning websites using external authentication (SSO, etc.)
- Presetting for scanning a target using HTTPS communication
- Is it possible to run Vex through an internal proxy server?
- How to scan Web API applications
Create Scan Scenario / Test Sending
- Is there a way to check the domain whose communication has been blocked by Vex?
- Is there a way to modify the IP address of a previously obtained proxy log?
- How to reduce scanning time when a target includes a large number of paramerters
- How to hide requests with specific extensions or filenames
- How to download "Test results"
- How to change the character code when the request / response garbled
Signatures
- How to check the detail of signatures?
- How to obtain a signature list
- Features and differences of the signature groups
- Is there a function to create a new signature?
- What is the difference in the signatures shown in gray font and blue font on the Web "Plan" page?
- How to use the signature of "Response time measurement"
Scanning / Scan result
- SQL Injection has been detected on a request that did not access the database
- How to verify scan results
- Scanning logs with a gray backgroud on the scan result list
- Is there any way to check the request/response of Pre processor and Post processor acquired during a scan?
- What is "Additional parameters" ?
- When a session is expired or logout from Vex while scanning, Does Vex scanning continue?
Troubleshoot
- Checklist when Vex cannot acquire proxy logs
- Causes of "Scenario recreate error" and how to fix it
- How to deal with Abnormally terminated scanning plan
- A message saying "Connection to proxy server is rejected", "Proxy server is not responding" or other is displayed when accessing a scanning target website
- A security warning appears when accessing a target site
- When you can acquire proxy log, but cannot execute scanning